Vulnerabilities > CVE-2021-45392 - Out-of-bounds Write vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

tenda

CWE-787

NVD

Published: 2022-02-14

Updated: 2022-02-23

Summary

A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in page /goform/setIPv6Status via the prefixDelegate parameter, which causes a Denial of Service.

Vulnerable Configurations

Part	Description	Count
OS	Tenda Tenda Ax12 Firmware 22.03.01.21_Cn	1
Hardware	Tenda Tenda Ax12 -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.tenda.com.cn/product/AX12.html
https://www.tenda.com.cn/
http://tendawifi.com/index.html
https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/2